PHP Pro Publish cat.php catid Variable SQL Injection

Description

Vulnerability Description

PHP Pro Publish contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'cat.php' script not properly sanitizing user-supplied input to the 'catid' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

PHP Pro Publish contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'cat.php' script not properly sanitizing user-supplied input to the 'catid' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.

All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please mail to content@vulners.com Vulners, 2018